Shorewall 4.5.21.6 is now available for download. Problems corrected since 4.5.21.5: 1) When a non-terminating target specified logging, the compiler would erroneously generate a 'goto' (-g) iptables command rather than a 'jump' (-j) command. This caused the wrong set of rules to be traversed, usually the catchall 'REJECT' or 'DROP' rule at the end of the INPUT or FORWARD chain. The compiler now generates a 'jump' rule in these cases. 2) When an interface containing a period (such as a VLAN interface) was used in an 'add' or 'delete' command, the wrong ipset name was generated, resulting in failure of the command. Thank you for using Shorewall, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ WatchGuard Dimension instantly turns raw network data into actionable security intelligence. It gives you real-time visual feedback on key security issues and trends. Skip the complicated setup - simply import a virtual appliance and go from zero to informed in seconds. http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk